Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e
-
Size
1.3MB
-
Sample
221101-rdjfsscea7
-
MD5
6b6e4151d3dd97836d5931e67999e572
-
SHA1
7e66cff0433407fc3fca3a88b34db27d9ba5aaf9
-
SHA256
d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e
-
SHA512
dce6a303eb07cff922171449836b27fdd66283a9fefe08926e7d2dead0a5f907f8e334135fe2d49388411ac662e24d46619a671fe34c11192ae6430d0d998190
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Behavioral task
behavioral1
Sample
d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e.exe
Resource
win10-20220812-en
Malware Config
Targets
-
-
Target
d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e
-
Size
1.3MB
-
MD5
6b6e4151d3dd97836d5931e67999e572
-
SHA1
7e66cff0433407fc3fca3a88b34db27d9ba5aaf9
-
SHA256
d231c72097d4ac8130ffbb623fba9d7b4dfab4891eacfbe75998eafdf0f8936e
-
SHA512
dce6a303eb07cff922171449836b27fdd66283a9fefe08926e7d2dead0a5f907f8e334135fe2d49388411ac662e24d46619a671fe34c11192ae6430d0d998190
-
SSDEEP
24576:U2G/nvxW3Ww0t6TnzGmVBDh4+aknuRRZJND0gFJ4rD/IjC:UbA30GnzV/q+DnsXg
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-